20 matches found
Ntemplatesbyxit
CVE Nuclei Templates Collection Author: Xit Exploiter --...
Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning
Capture-the-Flag CTF competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating...
Exploit for Deserialization of Untrusted Data in Facebook React
‼️ CVE-2025-55182 Pwn React2Shell RCE Exploit with Interactive...
An Empirical Study on the Security Vulnerabilities of GPTs
Equipped with various tools and knowledge, GPTs, one kind of customized AI agents based on OpenAI's large language models, have illustrated great potential in many fields, such as writing, research, and programming. Today, the number of GPTs has reached three millions, with the range of specific...
POCs
Proof of Concepts This repository contains Proof of Concept...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts
CVE-2024-53677: Apache Struts path traversal to RCE vulnerabil...
Exploit for Race Condition in Openbsd Openssh
CVE-2024-6387 Installation et Exécution du script 💻 Pré...
Exploit for Race Condition in Openbsd Openssh
CVE-2024-6387 Installation et Exécution du script 💻 Pré...
Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
CVE-2024-34102 POC for CVE-2024-34102. A pre-authentication XM...
The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash
Google is urging third-party Android app developers to incorporate generative artificial intelligence GenAI features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created throug...
Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024
CVE-2024-4358 / CVE-2024-1800 Telerik Report Server deserializ...
Exploit for Server-Side Request Forgery in Anyscale Ray
PoC for a remote command execution vulnerability in Ray framew...
Exploit for Code Injection in Openplcproject Openplc_V3_Firmware
CVE-2021-31630 Exploit CVE-2021-31630 Exploit PoC for OpenPLC...
SSH-Private-Key-Looting-Wordlists - A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names
SSH Private Key Looting Wordlists. A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names. LFI for Lateral Movement? Gain SSH Access? ?file=../../../../../../../../home/user/.ssh/idrsa ?file=../../../../../../../../home/user/.ssh/idrsa-cert SSH Private Key...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller
CVE-2023-4966-POC Proof Of Concept for NetScaler CVE-2023-4966...
How to Deploy Generative AI Safely and Responsibly
New uses for generative AI are being introduced every day—but so are new risks...
POC-EXP
This repository contains a collection of proof-of-concept PoC exploits for various vulnerabilities. The exploits are written in Python and target different applications, including Apache James Server, Apache Flink Web Dashboard, and Apache Solr. The Apache James Server exploit is a remote command...
PrivateTunnel Client 2.7.0 (x64) Local Credential Disclosure
PrivateTunnel Client v2.7.0 x64 Local Credentials Disclosure After Sign out Exploit Tested on Windows Windows 7 64bit, English Vendor Homepage @ https://www.privatetunnel.com Date 14/09/2016 Bug Discovery by: Yakir Wizman https://www.linkedin.com/in/yakirwizman http://www.black-rose.ml Viktor Min...
PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure
PrivateTunnel Client v2.7.0 x64 Local Credentials Disclosure After Sign out Exploit Tested on Windows Windows 7 64bit, English Vendor Homepage @ https://www.privatetunnel.com Date 14/09/2016 Bug Discovery by: Yakir Wizman https://www.linkedin.com/in/yakirwizman http://www.black-rose.ml Viktor Min...
Quake 3 Engine Client - 'CG_ServerCommand()' Remote Overflow
/ Quake 3 Engine Client CGServerCommand Remote Stack Overflow Exploit Win32 Written by RunningBon E-Mail: [email protected] IRC: irc.rizon.net kik This is a DLL, which gets injected into the server exe. You will need Microsoft Detours library to compile this exploit...